Discover how the vulnerability in Snapdragon Connectivity and Snapdragon Mobile devices (CVE-2021-35108) can lead to non-secure read and write access. Learn about its impact, affected systems, and mitigation strategies.
Qualcomm's Snapdragon Connectivity and Snapdragon Mobile devices are susceptible to a vulnerability that allows non-secure read and write access due to improper checking of the AP-S lock bit. This CVE has been assigned a base score of 6.8, indicating a medium severity threat. Here's what you need to know about CVE-2021-35108.
Understanding CVE-2021-35108
This section details the impact, technical aspects, and mitigation strategies related to CVE-2021-35108.
What is CVE-2021-35108?
CVE-2021-35108 involves the improper validation of secure resource group permissions in Snapdragon Connectivity and Snapdragon Mobile, leading to unauthorized access.
The Impact of CVE-2021-35108
The vulnerability poses a high risk to confidentiality, integrity, and availability, as unauthorized users can gain non-secure read and write access on affected devices.
Technical Details of CVE-2021-35108
Here are the technical specifics of CVE-2021-35108.
Vulnerability Description
The flaw arises from inadequate validation of the AP-S lock bit during secure resource group permission verification, enabling unauthorized access.
Affected Systems and Versions
Devices using the following Snapdragon Connectivity and Snapdragon Mobile versions are impacted: SD 8 Gen1 5G, SM7450, SM8475, SM8475P, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6855, WCN6856, WCN7851, WSA8830, WSA8832, and WSA8835.
Exploitation Mechanism
Exploiting the vulnerability requires physical access to the device. Attack complexity is low, and no special privileges are required.
Mitigation and Prevention
Protecting your systems against CVE-2021-35108 is crucial. Learn how to mitigate the risks posed by this security flaw.
Immediate Steps to Take
Immediate actions include applying security patches, monitoring network activity for suspicious behavior, and enforcing the principle of least privilege.
Long-Term Security Practices
Ensure regular security audits, educate users on safe practices, and keep systems up to date with the latest firmware and security updates.
Patching and Updates
Stay informed about security bulletins and updates from Qualcomm to address CVE-2021-35108 effectively.